Package com.jalios.jcms.wysiwyg.safety
Class AttributeCleaner
- java.lang.Object
-
- com.jalios.jcms.wysiwyg.safety.Cleaner
-
- com.jalios.jcms.wysiwyg.safety.AttributeCleaner
-
- Direct Known Subclasses:
InlineStyleCleaner
public class AttributeCleaner extends Cleaner
Clean any HTML attribute value using aCleanersettings.- Since:
- jcms-10.0.0 / JCMS-6170
-
-
Constructor Summary
Constructors Constructor Description AttributeCleaner(java.lang.String attributeKey)Builds a new cleaner for the specified attribute.AttributeCleaner(java.lang.String attributeKey, java.lang.String splitRegex, java.lang.String delimiter)Builds a new cleaner for the specified attribute, which may contains multiple value seperated with the specified pattern.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.Stringclean(java.lang.String unsafeValue)Clean the specified attribute value.voidclean(org.jsoup.nodes.Node node)Cleanstyleattribute in the specified node and its descendant.protected java.lang.StringcleanSingleValue(java.lang.String unsafeValue)Clean individual value of the attribute.voidconfigureFromProperties(JProperties prop)Configure the current cleaner with the specified properties.-
Methods inherited from class com.jalios.jcms.wysiwyg.safety.Cleaner
addBlacklistedValue, addWhitelistedValue, getBlacklist, getBlacklistRegex, getDefaultBehavior, getWhitelist, getWhitelistRegex, isAuthorized, isEnabled, removeBlacklistedValue, removeWhitelistedValue, setBlacklistRegex, setDefaultBehavior, setEnabled, setWhitelistRegex, toString
-
-
-
-
Constructor Detail
-
AttributeCleaner
public AttributeCleaner(java.lang.String attributeKey)
Builds a new cleaner for the specified attribute.- Parameters:
attributeKey- the name of the HTML attribute whose value is to be cleaned. (eg"id")
-
AttributeCleaner
public AttributeCleaner(java.lang.String attributeKey, java.lang.String splitRegex, java.lang.String delimiter)Builds a new cleaner for the specified attribute, which may contains multiple value seperated with the specified pattern.- Parameters:
attributeKey- the name of the HTML attribute whose value is to be cleaned. (eg"class")splitRegex- a regular expression used to split multiple values of the attribute (eg"\s").delimiter- a string used to seperate multiple values once they have been cleaned (eg" ").
-
-
Method Detail
-
configureFromProperties
public void configureFromProperties(JProperties prop)
Description copied from class:CleanerConfigure the current cleaner with the specified properties.- Overrides:
configureFromPropertiesin classCleaner- Parameters:
prop- a instance of JProperties, must not be null
-
clean
public java.lang.String clean(java.lang.String unsafeValue)
Clean the specified attribute value.- Parameters:
unsafeValue- value of the HTML attribute- Returns:
- a cleaned version of the value attribute, where only currently allowed css properties have been kept
-
cleanSingleValue
protected java.lang.String cleanSingleValue(java.lang.String unsafeValue)
Clean individual value of the attribute.When attributes accept several values (such as "class" attribute), this method is invoked for each of this value.
When attributes accept only one value (such as "id" attribute), this method is invoked one for the whole attribute value.Override to provide custom cleaning behavior.
- Parameters:
unsafeValue- the unsafe attribute value (or "split" value in case multiple values)- Returns:
- a safe sanitized value (or empty string if no value was kept, never return null)
-
clean
public void clean(org.jsoup.nodes.Node node)
Cleanstyleattribute in the specified node and its descendant.- Parameters:
node- the node to clean, must not be null
-
-